SANS Digital Forensics and Incident Response Blog

Touch Screen Voting Requires Forensic Foresight

There has been a ground swell of news reports in the past week about possible touch screen voting irregularities. Stories have been coming out of states like Nevada and North Carolina. I was rankled when Nevada election officials proclaimed it "technologically impossible" that voter's electronic ballot was "premarked" for a candidate when a voter inserted her ballot card into a touch screen voting machine. According to the voter, several people she knows experienced the same condition. The voter did not alert election officials, but appears to have alerted the media

Did it happen? I don't know, but I don't want to hear our election officials telling voters or the press that such fraud is impossible. Not only is electronic data manipulation always possible, but voting machine flaws have been demonstrated repeatedly. And those demonstrations don't even contemplate polling place procedures, reliance on volunteer poll workers, huge amounts of money involved in high-stakes races, and the long planning period that would be possible between elections.

What's impossible is putting your faith in people who don't acknowledge that electronic fraud can occur. It would be far more comforting to hear them acknowledge that fraud is an ever-present concern, and then tell us some (not all) of the measures they take to prevent it. And, that the officials are going to post the logs from each voting machine on-line, for crowd-sourced forensic analysis. While the vote itself needs to remain confidential, the logs and events from the voting machines should be a matter of public record. These measures would discourage fraud attempts, and increase the public's faith in the integrity of the vote.

"There's no evidence," they said, which is what the folks in charge say after most data breaches. "There's no evidence anyone was harmed" is a phrase you will find in almost every data breach news story where anyone from management is quoted.

The election officials went beyond that, blaming the problem on sloppy voters touching sensitive screens. This explanation does nothing to calm the emotional voter who believes something has gone haywire with his or her vote. And voter fear and frustration does not foster trust in government.

In response to this issue, I developed a basic evidence preservation guide for the average voter, and a plan of action for voting day. That way, if something odd happens, there will be evidence, which will be of great help in figuring out what went wrong, or at least provide a more comforting explanation than "it's impossible." The steps in this plan are simple enough for just about any voter to follow. I encourage the readers of this blog posting to circulate this plan. For those with more questions about electronic voting fraud, The CyberJungle radio program answered questions from listeners, and this week's program is, in effect, an FAQ on electronic voting, fraud, logging, and relevant forensic issues. Full disclosure: I co-host that program.

Remain skeptical when you vote, but don't be paranoid. Most votes, most of the time, are counted and recorded accurately.

Ten Steps: A Forensic Approach to Touch Screen Voting:

1) Planning ahead before going to the polls is important. "Plan the dive, and dive the plan" as the saying goes.

2) If your cell phone has a camera: Calibrate the time/date on your phone. Just about every cell phone or smart phone has a setting to calibrate the phone's time with the carrier. This will give you a fairly accurate time stamp. If your cell phone does not have a camera, or you don't own a cell phone, bring a camera and a watch (with the correct time) with you to the polls. Bring a pen a paper with you to the polls, or know how to use the note or email feature of your cell phone/ smartphone.

3) When you are about to start voting, don't touch the electronic voting machine screen with anything other than the pointer/eraser you are give. "Fat fingering" the screen is common. If you observe any irregularities before, during, or after you register your votes, take a picture of the screen(s). Note the time you took the photos.

4) Locate the serial number on the voting machine and write it down (it might be on the front, or the back of the machine, but each machine has a unique control number).

5) Find the transaction number or your voter number, if you have gone far enough to generate one. Write that number down.

6) Explain the problem to a poll worker. Most poll workers will be helpful, but voters should never assume that poll-workers are the final authority on fraud and machine malfunctions. Some poll workers may repeat the misinformation that mal-programmed machines are "impossible."

7) If it is determined that a machine failure has occurred, ask to vote on another machine. Make sure that vote occurs smoothly.

8) If you don't get satisfaction from the poll worker, talk to the poll manager. If you don't get satisfaction at that level, ask if there are any observers present from the political parties or the secretary of state's office. Keep your documentation of what happened.

9) If nobody on site can give you satisfaction, take the information you have recorded, and call or go to the election office at your county government complex. If you do not get satisfaction at the county level, contact the secretary of state's office for your state.

10) Only after you have gone through these steps, and no satisfactory explanation has resulted, should you alert the media. If you have exhausted the steps above, a good reporter will want a copy of your information, and a BRIEF description of what happened.

by Ira Victor, G7799, GCFA, GPCI, GSEC, ISACA, CGEIT. Ira Victor is a forensic analyst with Data Clone Labs, He is also Co-Host of The CyberJungle radio program, the news and talk each week on security, privacy and the law . Ira is President of Sierra-Nevada InfraGard, and a member of High Tech Crime International Association.

1 Comments

Posted November 2, 2010 at 1:20 AM | Permalink | Reply

IT Consultancy

That is very interesting. As much as we hate to admit it, election frauds are there. I just wonder if a touch screen voting system will be harder to tamper with if anyone is planning such. But then again, won't it be too complicated a process for some countries if ever they do decide to go with a touch screen voting process. Nevertheless, it is an interesting thought and hopefully untamperable. Cheers!